Access control and/or filter conditions are sometimes imposed on components stored in database systems. To evaluate whether an imposed access control or filter condition is correctly controlling access to components, a complete matching result set approach is typically used. The complete matching result set approach, however, unnecessarily relies on more complex results validation.
In addition, the complete matching result set approach involves unnecessary upfront test case development, is more prone to human error for ensuring all levels are correctly enforced, and requires more information to be absorbed by a test case developer in order to understand the full set of results of test cases for maintenance and debugging. Furthermore, complete matching result set verification may be intolerant of other models being tested on the same system when testing wild card situations because components that are unknown to the verification procedure may be returned as a part of the result set.
Consequently, there is a need to provide a mechanism to evaluate access control and filter conditions that is less prone to human error and makes sure all possible scenarios are verified.